Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

289 advisories

Loading
Moderate severity vulnerability that affects Zope2 Moderate
CVE-2010-1104 was published for Zope2 (pip) Jul 23, 2018
Cross-Site Scripting in Wagtail Moderate
CVE-2020-15118 was published for wagtail (pip) Jul 20, 2020
acarasimon96
Cross-site Scripting and Open Redirect in Products.CMFPlone Moderate
GHSA-8w54-22w9-3g8f was published for Products.CMFPlone (pip) Jan 28, 2022
Cross-site Scripting and Open Redirect in plone.app.contenttypes Moderate
GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip) Feb 1, 2022
SVG with embedded scripts can lead to cross-site scripting attacks in xml2rfc Moderate
GHSA-cf4q-4cqr-7g7w was published for xml2rfc (pip) Apr 22, 2022
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares Moderate
GHSA-c58j-88f5-h53f was published for pycares (pip) Jul 5, 2022
Apache Superset is vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2022-43718 was published for apache-superset (pip) Jan 16, 2023
Apache Superset vulnerable to Cross-site Scripting Moderate
CVE-2022-43717 was published for apache-superset (pip) Jan 16, 2023
Cross-site Scripting in FreeTAKServer-UI Moderate
CVE-2022-25507 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Roundup Moderate
CVE-2012-6133 was published for roundup (pip) Apr 23, 2022
westonsteimel
Twisted vulnerable to NameVirtualHost Host header injection Moderate
CVE-2022-39348 was published for twisted (pip) Oct 26, 2022
westonsteimel
Pallets Werkzeug cross-site scripting vulnerability Moderate
CVE-2016-10516 was published for Werkzeug (pip) May 14, 2022
jhutchings1
Cross-site scripting in Contentful Moderate
CVE-2020-13258 was published for contentful (pip) Jun 18, 2021
Cross-site Scripting in wagtail Moderate
CVE-2021-32681 was published for wagtail (pip) Jun 17, 2021
Cross-site Scripting in django-wiki Moderate
CVE-2021-25986 was published for wiki (pip) Dec 2, 2021
Inventree vulnerable to Stored Cross-site Scripting Moderate
CVE-2022-3355 was published for inventree (pip) Sep 30, 2022
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4728 was published for graphite-web (pip) Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4729 was published for graphite-web (pip) Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4730 was published for graphite-web (pip) Dec 27, 2022
Cross-site Scripting in Ericsson CodeChecker Moderate
CVE-2021-44217 was published for codechecker (pip) Jan 21, 2022
Cross-site Scripting in kiwitcms Moderate
CVE-2022-4105 was published for kiwitcms (pip) Nov 21, 2022
Cross-site Scripting in Weblate Moderate
CVE-2022-24710 was published for Weblate (pip) Feb 25, 2022
Cross-site Scripting in pyload-ng Moderate
CVE-2023-0488 was published for pyload-ng (pip) Jan 27, 2023
OpenStack Swift Cross-site Scriping vulnerability Moderate
CVE-2014-3497 was published for swift (pip) May 17, 2022
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting Moderate
CVE-2014-0157 was published for horizon (pip) May 14, 2022
ProTip! Advisories are also available from the GraphQL API